[Xen-changelog] [xen-unstable] xsm: add remote_remap permission
# HG changeset patch
# User Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
# Date 1324218799 0
# Node ID 5ce5aca98404e6982137102fa1f64265f3d97361
# Parent 31f09a4c577205e896895f4a510b576e76834c45
xsm: add remote_remap permission

The mmu_update hypercall can be used to manipulate the page tables of a remote domain. Add a check for this in the XSM hook in addition to the existing check on mapping pages of a remote domain.

Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
---
diff -r 31f09a4c5772 -r 5ce5aca98404 tools/flask/policy/policy/flask/access_vectors
--- a/tools/flask/policy/policy/flask/access_vectors Sun Dec 18 14:32:49 2011 +0000
+++ b/tools/flask/policy/policy/flask/access_vectors Sun Dec 18 14:33:19 2011 +0000
@@ -128,6 +128,7 @@
 pinpage
 mfnlist
 memorymap
+ remote_remap
 }
 
 class shadow
diff -r 31f09a4c5772 -r 5ce5aca98404 xen/arch/x86/mm.c
--- a/xen/arch/x86/mm.c Sun Dec 18 14:32:49 2011 +0000
+++ b/xen/arch/x86/mm.c Sun Dec 18 14:33:19 2011 +0000
@@ -3517,7 +3517,7 @@
 {
 p2m_type_t p2mt;
 
- rc = xsm_mmu_normal_update(d, pg_owner, req.val);
+ rc = xsm_mmu_normal_update(d, pt_owner, pg_owner, req.val);
 if ( rc )
 break;
 rc = -EINVAL;
diff -r 31f09a4c5772 -r 5ce5aca98404 xen/include/xsm/xsm.h
--- a/xen/include/xsm/xsm.h Sun Dec 18 14:32:49 2011 +0000
+++ b/xen/include/xsm/xsm.h Sun Dec 18 14:33:19 2011 +0000
@@ -141,8 +141,8 @@
 int (*getidletime) (void);
 int (*machine_memory_map) (void);
 int (*domain_memory_map) (struct domain *d);
- int (*mmu_normal_update) (struct domain *d, struct domain *f,
- intpte_t fpte);
+ int (*mmu_normal_update) (struct domain *d, struct domain *t,
+ struct domain *f, intpte_t fpte);
 int (*mmu_machphys_update) (struct domain *d, unsigned long mfn);
 int (*update_va_mapping) (struct domain *d, struct domain *f,
 l1_pgentry_t pte);
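Review bot: The new `t` parameter added to the `mmu_normal_update` entry of the ops table is undocumented, and the single-letter names `t` and `f` do not say which domain is the page-table owner and which is the page owner; the only clue is the mm.c call site in this commit, which passes `pt_owner` then `pg_owner`. A short comment on the table entry would let a hook author get the subject and object right without reading mm.c, e.g. `/* t: owner of the page table being written (pt_owner); f: owner of the page referenced by fpte (pg_owner) -- confirm against do_mmu_update */`. The same naming applies to the inline wrapper in the second xsm.h hunk and to the dummy.c and flask hooks.c signatures, so one comment at the ops-table declaration would cover all of them. The ops struct itself starts and ends outside the hunk.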
@@ -593,10 +593,10 @@
 return xsm_call(domain_memory_map(d));
 }
 
-static inline int xsm_mmu_normal_update (struct domain *d, struct domain *f,
- intpte_t fpte)
+static inline int xsm_mmu_normal_update (struct domain *d, struct domain *t,
+ struct domain *f, intpte_t fpte)
 {
- return xsm_call(mmu_normal_update(d, f, fpte));
+ return xsm_call(mmu_normal_update(d, t, f, fpte));
 }
 
 static inline int xsm_mmu_machphys_update (struct domain *d, unsigned long mfn)
diff -r 31f09a4c5772 -r 5ce5aca98404 xen/xsm/dummy.c
--- a/xen/xsm/dummy.c Sun Dec 18 14:32:49 2011 +0000
+++ b/xen/xsm/dummy.c Sun Dec 18 14:33:19 2011 +0000
@@ -399,8 +399,8 @@
 return 0;
 }
 
-static int dummy_mmu_normal_update (struct domain *d, struct domain *f,
- intpte_t fpte)
+static int dummy_mmu_normal_update (struct domain *d, struct domain *t,
+ struct domain *f, intpte_t fpte)
 {
 return 0;
 }
diff -r 31f09a4c5772 -r 5ce5aca98404 xen/xsm/flask/hooks.c
--- a/xen/xsm/flask/hooks.c Sun Dec 18 14:32:49 2011 +0000
+++ b/xen/xsm/flask/hooks.c Sun Dec 18 14:33:19 2011 +0000
@@ -1008,8 +1008,8 @@
 return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__MEMORYMAP);
 }
 
-static int flask_mmu_normal_update(struct domain *d, struct domain *f,
- intpte_t fpte)
+static int flask_mmu_normal_update(struct domain *d, struct domain *t,
+ struct domain *f, intpte_t fpte)
 {
 int rc = 0;
 u32 map_perms = MMU__MAP_READ;
@@ -1017,6 +1017,11 @@
 struct domain_security_struct *dsec;
 u32 fsid;
 
+ if (d != t)
+ rc = domain_has_perm(d, t, SECCLASS_MMU, MMU__REMOTE_REMAP);
+ if ( rc )
+ return rc;
+
 if ( !(l1e_get_flags(l1e_from_intpte(fpte)) & _PAGE_PRESENT) )
 return 0;
 
diff -r 31f09a4c5772 -r 5ce5aca98404 xen/xsm/flask/include/av_perm_to_string.h
--- a/xen/xsm/flask/include/av_perm_to_string.h Sun Dec 18 14:32:49 2011 +0000
+++ b/xen/xsm/flask/include/av_perm_to_string.h Sun Dec 18 14:33:19 2011 +0000
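Review bot: The new remote-remap check in the second hooks.c hunk is written `if (d != t)` while the line right below it and the rest of the function use Xen's `if ( rc )` spacing; `if ( d != t )` keeps the file consistent. The check is also placed above the `_PAGE_PRESENT` early return, so writing a non-present entry into another domain's page table is still gated by MMU__REMOTE_REMAP, which is the right ordering but not obvious at a glance; a one-line comment such as `/* Any write to another domain's page table needs remote_remap, even when the new entry is not present. */` above the check would record that intent. flask_mmu_normal_update's body continues past the end of the hunk.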
@@ -87,6 +87,7 @@
 S_(SECCLASS_MMU, MMU__PINPAGE, "pinpage")
 S_(SECCLASS_MMU, MMU__MFNLIST, "mfnlist")
 S_(SECCLASS_MMU, MMU__MEMORYMAP, "memorymap")
+ S_(SECCLASS_MMU, MMU__REMOTE_REMAP, "remote_remap")
 S_(SECCLASS_SHADOW, SHADOW__DISABLE, "disable")
 S_(SECCLASS_SHADOW, SHADOW__ENABLE, "enable")
 S_(SECCLASS_SHADOW, SHADOW__LOGDIRTY, "logdirty")
diff -r 31f09a4c5772 -r 5ce5aca98404 xen/xsm/flask/include/av_permissions.h
--- a/xen/xsm/flask/include/av_permissions.h Sun Dec 18 14:32:49 2011 +0000
+++ b/xen/xsm/flask/include/av_permissions.h Sun Dec 18 14:33:19 2011 +0000
@@ -92,6 +92,7 @@
 #define MMU__PINPAGE 0x00000200UL
 #define MMU__MFNLIST 0x00000400UL
 #define MMU__MEMORYMAP 0x00000800UL
+#define MMU__REMOTE_REMAP 0x00001000UL
 
 #define SHADOW__DISABLE 0x00000001UL
 #define SHADOW__ENABLE 0x00000002UL
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog